Washington Health Insurance Exchange Apologizes for Data Breach
Date
4/20/2023 5:00:59 AM
(MENAFN) The recent data breach of Washington's health insurance exchange, which resulted in the exposure of personal information belonging to thousands of users, including members of Congress, has been identified as the result of human error.
Executive director of the District of Columbia Health Benefit Exchange Authority, Mila Kofman, offered an apology to House members during a joint session of two House Oversight subcommittees on Wednesday. According to Kofman, the breach occurred as a result of a server being incorrectly configured in mid-2018 when the internal communications tool Slack was installed.
This configuration error ultimately allowed an unauthorized individual to access the server and steal two reports which contained sensitive personal information. The reports included data of "56,415 current and past customers including members of Congress, their families, and staff."
In the aftermath of the breach, some of this information was offered for sale on an online forum. The issue first came to light when members of the House of Representatives and the Senate were alerted to the possibility that they and their staffers may have been impacted. Despite the breach being caused by human error, Kofman praised her agency's prompt response once the breach was discovered in early March.
She explained that outside experts and the FBI Cyber Security Task Force were immediately brought in to identify and shut down the security flaw, and those potentially affected by the breach were offered identity theft and credit monitoring protection. While Kofman's apology and agency's response are commendable, the incident highlights the need for heightened cybersecurity protocols and training to prevent similar breaches in the future.
MENAFN20042023000045014146ID1106052911
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.